Fortinet white logo
Fortinet white logo

Administration Guide

FortiGuard

FortiGuard

Go to System > FortiGuard to view the FortiGuard page.

The following options and information are available:

Module Name

FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Industry Security Signature, and Traffic Sniffer.

All modules automatically install update packages when they are available on FDN.

Current Version

Current version of the module.

Last Check Time

Date and time that module last checked for an update.

Last Update Time

Date and time that module was last updated.

Last Check Status

Status of the last update attempt.

Upload Package File

Click Choose File to select a package file on the management computer, then click Submit to upload the package file to FortiSandbox.

If the unit has no access to Fortinet FDN servers, go to the Customer Service and Support site to download package files manually.

FortiGuard Server Location

Select FDN servers for package update and Web Filtering query. The default selection is Nearest which is the FDN server nearest to the unit's time zone. Selecting US Region means using only servers in the USA. Selecting Global means using global FDN servers via secure connection via HTTPS port 443 to do FDN update.

FortiGuard Server Settings

Use override FDN server to download module updates

Enable this option to use an override FDN server or FortiManager to download module updates. Enter the override server IP address or FQDN in the text box. Enabling this option disables FortiGuard Server Location.

Click Connect FDN Now to schedule an immediate update check.

Use Proxy

Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

Connect FDN Now

Click Connect FDN Now to connect to the FDN server/proxy.

FortiGuard Web Filter Settings

Secure Connection

FortiSandbox supports secure XOR encrypted connection for FortiGuard web filter settings. When enabled, the system uses secure XOR encrypted mode for the connection.

Use override server for web filtering query

Enable this option to use an override server address for web filtering query using the server IP address or FQDN in the text box.

The default is the web filtering server nearest the unit's time zone.

Use Proxy

Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

VM Image Download Proxy Settings

Use Proxy

Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

FortiSandbox Community Cloud & Threat Intelligence Settings

Use override server for community cloud server query

Enable this option when using FortiManager for FortiGuard upgrades in your environment.

When using FortiManager for FortiGuard upgrades, only verdict information is available for malware. The malware's behavior information is not available.

Use Proxy

Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

FortiSandbox WindowsCloud VM Settings

Server Regions

This option requires a Windows Cloud VM contract.

Select the region where Windows Cloud VMs are used to scan files.

Use override APT server (IP or FQDN)

You can override the APT server and manually enter the IP address of the APT server which hosts the Windows Cloud VM.

FortiSandbox Real-time Zero-Day Anti-Phishing Service Settings

Server Regions

This option requires a Real-time Zero-Day Anti-Phishing contract.

Select the region where Real-time Zero-Day Anti-Phishing is used to scan files.

You can override the Phishing server and manually enter the IP address of the server which hosts the Real-time Zero-Day Anti-Phishing Service.

Use override Real-time Zero-Day Anti-Phishing Service server

Enable this option to use an override server address for Real-time Zero-Day Anti-Phishing Service query using the server IP address and Port in the text box.

The default server refers to Port and access control information .

FortiGuard

FortiGuard

Go to System > FortiGuard to view the FortiGuard page.

The following options and information are available:

Module Name

FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Industry Security Signature, and Traffic Sniffer.

All modules automatically install update packages when they are available on FDN.

Current Version

Current version of the module.

Last Check Time

Date and time that module last checked for an update.

Last Update Time

Date and time that module was last updated.

Last Check Status

Status of the last update attempt.

Upload Package File

Click Choose File to select a package file on the management computer, then click Submit to upload the package file to FortiSandbox.

If the unit has no access to Fortinet FDN servers, go to the Customer Service and Support site to download package files manually.

FortiGuard Server Location

Select FDN servers for package update and Web Filtering query. The default selection is Nearest which is the FDN server nearest to the unit's time zone. Selecting US Region means using only servers in the USA. Selecting Global means using global FDN servers via secure connection via HTTPS port 443 to do FDN update.

FortiGuard Server Settings

Use override FDN server to download module updates

Enable this option to use an override FDN server or FortiManager to download module updates. Enter the override server IP address or FQDN in the text box. Enabling this option disables FortiGuard Server Location.

Click Connect FDN Now to schedule an immediate update check.

Use Proxy

Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

Connect FDN Now

Click Connect FDN Now to connect to the FDN server/proxy.

FortiGuard Web Filter Settings

Secure Connection

FortiSandbox supports secure XOR encrypted connection for FortiGuard web filter settings. When enabled, the system uses secure XOR encrypted mode for the connection.

Use override server for web filtering query

Enable this option to use an override server address for web filtering query using the server IP address or FQDN in the text box.

The default is the web filtering server nearest the unit's time zone.

Use Proxy

Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

VM Image Download Proxy Settings

Use Proxy

Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

FortiSandbox Community Cloud & Threat Intelligence Settings

Use override server for community cloud server query

Enable this option when using FortiManager for FortiGuard upgrades in your environment.

When using FortiManager for FortiGuard upgrades, only verdict information is available for malware. The malware's behavior information is not available.

Use Proxy

Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

FortiSandbox WindowsCloud VM Settings

Server Regions

This option requires a Windows Cloud VM contract.

Select the region where Windows Cloud VMs are used to scan files.

Use override APT server (IP or FQDN)

You can override the APT server and manually enter the IP address of the APT server which hosts the Windows Cloud VM.

FortiSandbox Real-time Zero-Day Anti-Phishing Service Settings

Server Regions

This option requires a Real-time Zero-Day Anti-Phishing contract.

Select the region where Real-time Zero-Day Anti-Phishing is used to scan files.

You can override the Phishing server and manually enter the IP address of the server which hosts the Real-time Zero-Day Anti-Phishing Service.

Use override Real-time Zero-Day Anti-Phishing Service server

Enable this option to use an override server address for Real-time Zero-Day Anti-Phishing Service query using the server IP address and Port in the text box.

The default server refers to Port and access control information .